diff options
author | pmikus <pmikus@cisco.com> | 2021-06-10 08:51:19 +0000 |
---|---|---|
committer | Peter Mikus <pmikus@cisco.com> | 2021-06-10 10:23:18 +0000 |
commit | e16906eaa7e50dfd3bbf16542d1ea3656d45862c (patch) | |
tree | 5cdc5bda778948fd69e7444ba5898aa91c086093 /GPL | |
parent | db359de3ff4ecd93c8d30ed52d996380ae22acda (diff) |
FIX: Add ICMPv6MLReport2 masking
Signed-off-by: pmikus <pmikus@cisco.com>
Change-Id: I1183a0ffd13c6926b3963b78630954bb6356133b
(cherry picked from commit 8b25b4e89bdba964f2a3d602b8c47f551a084724)
(cherry picked from commit aa02a041d8a6099f870d21bb5949bd741733df80)
Diffstat (limited to 'GPL')
-rw-r--r-- | GPL/traffic_scripts/geneve_tunnel.py | 10 | ||||
-rw-r--r-- | GPL/traffic_scripts/ipsec_interface.py | 6 | ||||
-rw-r--r-- | GPL/traffic_scripts/ipsec_policy.py | 6 | ||||
-rw-r--r-- | GPL/traffic_scripts/lisp/lisp_check.py | 28 | ||||
-rw-r--r-- | GPL/traffic_scripts/lisp/lispgpe_check.py | 31 | ||||
-rw-r--r-- | GPL/traffic_scripts/nat.py | 6 | ||||
-rw-r--r-- | GPL/traffic_scripts/policer.py | 6 | ||||
-rw-r--r-- | GPL/traffic_scripts/send_icmp_wait_for_reply.py | 8 | ||||
-rw-r--r-- | GPL/traffic_scripts/srv6_encap.py | 6 |
9 files changed, 83 insertions, 24 deletions
diff --git a/GPL/traffic_scripts/geneve_tunnel.py b/GPL/traffic_scripts/geneve_tunnel.py index 3dd40b6a3a..1270aa6663 100644 --- a/GPL/traffic_scripts/geneve_tunnel.py +++ b/GPL/traffic_scripts/geneve_tunnel.py @@ -30,7 +30,7 @@ import sys from ipaddress import ip_address from scapy.contrib.geneve import GENEVE from scapy.layers.inet import IP, UDP -from scapy.layers.inet6 import IPv6, ICMPv6ND_NS +from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, ICMPv6MLReport2 from scapy.layers.l2 import Ether from scapy.packet import Raw @@ -280,6 +280,10 @@ def main(): if rx_pkt_recv.haslayer(ICMPv6ND_NS): # read another packet in the queue if the current one is ICMPv6ND_NS continue + elif rx_pkt_recv.haslayer(ICMPv6MLReport2): + # read another packet in the queue if the current one is + # ICMPv6MLReport2 + continue else: # otherwise process the current packet break @@ -333,6 +337,10 @@ def main(): if tx_pkt_recv.haslayer(ICMPv6ND_NS): # read another packet in the queue if the current one is ICMPv6ND_NS continue + elif tx_pkt_recv.haslayer(ICMPv6MLReport2): + # read another packet in the queue if the current one is + # ICMPv6MLReport2 + continue else: # otherwise process the current packet break diff --git a/GPL/traffic_scripts/ipsec_interface.py b/GPL/traffic_scripts/ipsec_interface.py index 9c28f4c06d..ee157260fa 100644 --- a/GPL/traffic_scripts/ipsec_interface.py +++ b/GPL/traffic_scripts/ipsec_interface.py @@ -29,7 +29,7 @@ import sys from ipaddress import ip_address from scapy.layers.inet import IP -from scapy.layers.inet6 import IPv6, ICMPv6ND_NS +from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, ICMPv6MLReport2 from scapy.layers.ipsec import SecurityAssociation, ESP from scapy.layers.l2 import Ether from scapy.packet import Raw @@ -271,6 +271,10 @@ def main(): if tx_pkt_recv.haslayer(ICMPv6ND_NS): # read another packet in the queue if the current one is ICMPv6ND_NS continue + elif tx_pkt_recv.haslayer(ICMPv6MLReport2): + # read another packet in the queue if the current one is + # ICMPv6MLReport2 + continue else: # otherwise process the current packet break diff --git a/GPL/traffic_scripts/ipsec_policy.py b/GPL/traffic_scripts/ipsec_policy.py index 0d5dcf5481..4acf0a144b 100644 --- a/GPL/traffic_scripts/ipsec_policy.py +++ b/GPL/traffic_scripts/ipsec_policy.py @@ -29,7 +29,7 @@ import sys from ipaddress import ip_address from scapy.layers.inet import IP -from scapy.layers.inet6 import IPv6, ICMPv6ND_NS +from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, ICMPv6MLReport2 from scapy.layers.ipsec import SecurityAssociation, ESP from scapy.layers.l2 import Ether from scapy.packet import Raw @@ -205,6 +205,10 @@ def main(): if rx_pkt_recv.haslayer(ICMPv6ND_NS): # read another packet in the queue if the current one is ICMPv6ND_NS continue + elif rx_pkt_recv.haslayer(ICMPv6MLReport2): + # read another packet in the queue if the current one is + # ICMPv6MLReport2 + continue else: # otherwise process the current packet break diff --git a/GPL/traffic_scripts/lisp/lisp_check.py b/GPL/traffic_scripts/lisp/lisp_check.py index 6612485893..88d4ad5619 100644 --- a/GPL/traffic_scripts/lisp/lisp_check.py +++ b/GPL/traffic_scripts/lisp/lisp_check.py @@ -34,7 +34,7 @@ from scapy.all import bind_layers, Packet from scapy.fields import FlagsField, BitField, IntField from scapy.layers.inet import ICMP, IP, UDP from scapy.layers.inet6 import ICMPv6EchoRequest -from scapy.layers.inet6 import IPv6 +from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, ICMPv6MLReport2 from scapy.layers.l2 import Ether from scapy.packet import Raw @@ -133,13 +133,25 @@ def main(): sent_packets.append(pkt_raw) txq.send(pkt_raw) - if tx_if == rx_if: - ether = rxq.recv(2, ignore=sent_packets) - else: - ether = rxq.recv(2) - - if ether is None: - raise RuntimeError(u"ICMP echo Rx timeout") + while True: + if tx_if == rx_if: + ether = rxq.recv(2, ignore=sent_packets) + else: + ether = rxq.recv(2) + + if ether is None: + raise RuntimeError(u"ICMP echo Rx timeout") + + if ether.haslayer(ICMPv6ND_NS): + # read another packet in the queue if the current one is ICMPv6ND_NS + continue + elif ether.haslayer(ICMPv6MLReport2): + # read another packet in the queue if the current one is + # ICMPv6MLReport2 + continue + + # otherwise process the current packet + break if rx_dst_mac == ether[Ether].dst and rx_src_mac == ether[Ether].src: print(u"MAC addresses match.") diff --git a/GPL/traffic_scripts/lisp/lispgpe_check.py b/GPL/traffic_scripts/lisp/lispgpe_check.py index 41bc0964e6..79d2ccfab6 100644 --- a/GPL/traffic_scripts/lisp/lispgpe_check.py +++ b/GPL/traffic_scripts/lisp/lispgpe_check.py @@ -35,7 +35,7 @@ from scapy.all import bind_layers, Packet from scapy.fields import FlagsField, BitField, XBitField, IntField from scapy.layers.inet import ICMP, IP, UDP from scapy.layers.inet6 import ICMPv6EchoRequest -from scapy.layers.inet6 import IPv6 +from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, ICMPv6MLReport2, ICMPv6ND_RA from scapy.layers.l2 import Ether from scapy.packet import Raw @@ -156,13 +156,28 @@ def main(): sent_packets.append(pkt_raw) txq.send(pkt_raw) - if tx_if == rx_if: - ether = rxq.recv(2, ignore=sent_packets) - else: - ether = rxq.recv(2) - - if ether is None: - raise RuntimeError(u"ICMP echo Rx timeout") + while True: + if tx_if == rx_if: + ether = rxq.recv(2, ignore=sent_packets) + else: + ether = rxq.recv(2) + + if ether is None: + raise RuntimeError(u"ICMP echo Rx timeout") + + if ether.haslayer(ICMPv6ND_NS): + # read another packet in the queue if the current one is ICMPv6ND_NS + continue + if ether.haslayer(ICMPv6ND_RA): + # read another packet in the queue if the current one is ICMPv6ND_RA + continue + elif ether.haslayer(ICMPv6MLReport2): + # read another packet in the queue if the current one is + # ICMPv6MLReport2 + continue + + # otherwise process the current packet + break if rx_dst_mac == ether[Ether].dst and rx_src_mac == ether[Ether].src: print(u"MAC addresses match.") diff --git a/GPL/traffic_scripts/nat.py b/GPL/traffic_scripts/nat.py index d9f0330641..319d617f7c 100644 --- a/GPL/traffic_scripts/nat.py +++ b/GPL/traffic_scripts/nat.py @@ -30,7 +30,7 @@ import sys import ipaddress from scapy.layers.inet import IP, TCP, UDP -from scapy.layers.inet6 import IPv6, ICMPv6ND_NS +from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, ICMPv6MLReport2 from scapy.layers.l2 import Ether from scapy.packet import Raw @@ -182,6 +182,10 @@ def main(): if ether.haslayer(ICMPv6ND_NS): # read another packet in the queue if the current one is ICMPv6ND_NS continue + elif ether.haslayer(ICMPv6MLReport2): + # read another packet in the queue if the current one is + # ICMPv6MLReport2 + continue else: # otherwise process the current packet break diff --git a/GPL/traffic_scripts/policer.py b/GPL/traffic_scripts/policer.py index 262d7878b6..ef78f279ad 100644 --- a/GPL/traffic_scripts/policer.py +++ b/GPL/traffic_scripts/policer.py @@ -31,7 +31,7 @@ import logging from ipaddress import ip_address from scapy.layers.l2 import Ether from scapy.layers.inet import IP, TCP -from scapy.layers.inet6 import IPv6, ICMPv6ND_NS +from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, ICMPv6MLReport2 from scapy.packet import Raw from .TrafficScriptArg import TrafficScriptArg @@ -113,6 +113,10 @@ def main(): if pkt_recv.haslayer(ICMPv6ND_NS): # read another packet in the queue if the current one is ICMPv6ND_NS continue + elif pkt_recv.haslayer(ICMPv6MLReport2): + # read another packet in the queue if the current one is + # ICMPv6MLReport2 + continue else: # otherwise process the current packet break diff --git a/GPL/traffic_scripts/send_icmp_wait_for_reply.py b/GPL/traffic_scripts/send_icmp_wait_for_reply.py index 70d9a99ec2..966fa60a9c 100644 --- a/GPL/traffic_scripts/send_icmp_wait_for_reply.py +++ b/GPL/traffic_scripts/send_icmp_wait_for_reply.py @@ -29,8 +29,8 @@ import sys import ipaddress from scapy.layers.inet import ICMP, IP -from scapy.layers.inet6 import IPv6, ICMPv6EchoRequest, ICMPv6EchoReply,\ - ICMPv6ND_NS +from scapy.layers.inet6 import ICMPv6EchoRequest, ICMPv6EchoReply,\ + ICMPv6ND_NS, ICMPv6MLReport2 from scapy.layers.l2 import Ether from scapy.packet import Raw @@ -126,6 +126,10 @@ def main(): elif icmp_reply.haslayer(ICMPv6ND_NS): # read another packet in the queue in case of ICMPv6ND_NS packet continue + elif icmp_reply.haslayer(ICMPv6MLReport2): + # read another packet in the queue if the current one is + # ICMPv6MLReport2 + continue else: # otherwise process the current packet break diff --git a/GPL/traffic_scripts/srv6_encap.py b/GPL/traffic_scripts/srv6_encap.py index 725db9fc33..9cdfccf432 100644 --- a/GPL/traffic_scripts/srv6_encap.py +++ b/GPL/traffic_scripts/srv6_encap.py @@ -28,7 +28,7 @@ import sys from scapy.layers.inet6 import IPv6, ICMPv6ND_NS, IPv6ExtHdrSegmentRouting,\ - ipv6nh + ipv6nh, ICMPv6MLReport2 from scapy.layers.l2 import Ether from scapy.packet import Raw @@ -296,6 +296,10 @@ def main(): if tx_pkt_recv.haslayer(ICMPv6ND_NS): # read another packet in the queue if the current one is ICMPv6ND_NS continue + elif tx_pkt_recv.haslayer(ICMPv6MLReport2): + # read another packet in the queue if the current one is + # ICMPv6MLReport2 + continue else: # otherwise process the current packet break |